It’s a periodic review, not a periodic refresh
What are periodic reviews and why do they matter?
Periodic reviews are an essential component of the Know Your Customer (KYC) process within the financial services industry. They refer to the regular reassessment and re-verification of clients' information after their initial onboarding. These reviews play a crucial role in identifying changes in a customer's financial crime profile, allowing firms to take appropriate action and ensure compliance with relevant regulations.
The importance of periodic reviews cannot be overstated. By conducting these reviews, financial institutions can effectively monitor financial crime risks, such as money laundering, terrorist financing, and fraud. This, in turn, helps them to maintain ongoing compliance with regulatory requirements, such as the European Union's Anti-Money Laundering Directive (AMLD), Financial Action Task Force (FATF) recommendations, and the Bank Secrecy Act (BSA) in the United States. These regulations emphasise the importance of up-to-date customer information as part of effective customer due diligence (CDD) and anti-money laundering (AML) compliance processes.
2022 saw a surge of over 50% in global regulatory fines imposed for poor financial crime prevention measures1, taking the total amount of fines levied to circa $55bn since the 2008 financial crisis. Moreover, as most penalties are typically imposed several years following the misconduct, the current figures do not fully represent the impending surge of fines that await firms that have been sluggish in adapting to the volatile global sanctions landscape following the conflict in Ukraine. In their 2021 letter to CEOs, the FCA identified "gaps in ongoing monitoring of customer relationships" as a crucial element contributing to firms' consistent lapses2. This has become a driving force behind the regulators' continued efforts to crack down on these organisations.
Periodic reviews are an essential part of regulatory compliance, helping maintain client trust and protecting an institution's business reputation. By proactively monitoring customer activities and identifying potential risks, financial institutions can better serve their clients and prevent financial crimes that could tarnish their image.
Periodic reviews vs periodic refreshes
Although the terms "periodic reviews" and "periodic refreshes" may be used interchangeably in some contexts, we find it appropriate to draw distinctions between the two in order to remove any ambiguity as to what a suitable ongoing KYC process should look like.
A periodic review is an in-depth analysis of a customer's risk profile, transaction patterns, and potential changes in their financial crime exposure. This requires a detailed examination of the client's information, including their source of funds, beneficial ownership, and any adverse news associated with them. A refresh, on the other hand, is a lighter touch approach, focused primarily on updating and verifying the accuracy of existing customer information. This may include confirming key data points, such as address, contact details, and employment status, but does not typically involve a deep dive into the customer's risk profile or transaction history.
Crucially, a refresh does not provide a comprehensive assessment of a customer's information, limiting its ability to reevaluate their overall risk profile. As a result, actions following the refresh process are often limited to recordkeeping, unless particularly obvious discrepancies or risk factors are uncovered.
In comparison, following a periodic review, institutions are more inclined to adjust a customer's risk rating, implement enhanced due diligence measures, or even sever the relationship if significant risks emerge. This approach enables institutions to proactively manage and mitigate potential financial crime risks effectively.
The challenge of periodic reviews
Periodic reviews, while essential, can be challenging for financial institutions to execute effectively due to a variety of factors:
Time constraints and resource limitations
Thorough periodic reviews can be time-consuming, straining an institution's resources. Balancing the need for comprehensive reviews with maintaining efficient operations can lead to rushed reviews, increasing regulatory breach risks and financial crime exposure. Financial institutions should identify where limitations exist in their current operating practice that are impeding a thorough review.
Data availability and quality
Successful periodic reviews depend on the availability and quality of customer data. Incomplete, outdated, or inaccurate information undermines the review process, making it difficult to identify risk profile changes or detect suspicious activities. Financial institutions must ensure access to high-quality data sources and implement robust data management practices.
Inadequate assignment of teams, individuals, and functions
Effectiveness depends on proper allocation of responsibilities among teams, individuals, and functions. Inadequate assignment or unclear roles can create gaps in the review process and reduce effectiveness. Institutions should establish clear lines of responsibility and ensure staff members have necessary training and expertise.
Lack of effective technology solutions for conducting reviews
Many financial institutions still rely on manual processes, inadequate document management systems, or outdated technology when conducting reviews, which can be inefficient, error-prone, and time-consuming. The lack of effective technology solutions impedes an institution's ability to scale review processes, adapt to regulatory changes, or respond to emerging risks. Financial institutions should invest in technology solutions to automate and streamline their periodic review processes.
Tick-box mentality: how mindset can hamper compliance
A tick-box mentality refers to an approach where organisations prioritise checking off tasks on a list without fully engaging with the underlying objectives or understanding the importance of those tasks. In the context of periodic reviews, a tick-box mentality can lead to superficial information refreshes, as institutions focus on meeting minimum requirements rather than conducting comprehensive assessments of their customers' risk profiles.
While a tick-box mentality is understandable in a fast-paced financial services environment with tight resources and cost pressures, failing to perform proper reviews can result in higher costs for firms in the future, including financial penalties imposed by regulators for non-compliance, as well as severe impacts on a company's reputation and client trust.
The greatest assets businesses have in the fight against financial crime are the vigilance, experience, and intuition of their people.
However, where we continue to face ever more sophisticated and increasingly digital methods for perpetrating financial crime, the methodologies and tools with which we empower people responsible for combatting this must in turn continue to evolve.
The use of RegTech in crucial areas of ongoing monitoring and financial crime identification enhances a business’s ability to identify and focus on high-risk areas and effectively apply resources through an integrated risk-based approach.
Whilst we remain at the nascent stage of its utility, RegTech, effectively embedded and deployed, in concert with people trained and effective in its use will characterise modern financial crime fighting.
Glen G. Nelson, Chief Executive Officer, Efficace
RegTech: making periodic reviews a reality
Regulatory technology (RegTech) solutions are designed to help institutions manage regulatory compliance more efficiently and effectively. There are various secondary benefits to implementing RegTech, which go beyond compliance and cost-savings, such as improved customer service, employee satisfaction and enhanced data insights. RegTech addresses many of the challenges associated with periodic reviews, transforming the way institutions approach their ongoing KYC and AML processes.
For example, RegTech solutions such as Vaiie’s incorporate advanced algorithms and analytics capabilities, in features such as live facial recognition, document verification and ultimate beneficial owner structure charts, and can assign probabilistic scores where binary human judgement would have otherwise existed. This enables a greater risk-based approach to periodic reviews, allowing financial institutions to prioritise higher-risk customers while streamlining reviews for low-risk clients. Using a targeted approach ensures that risk and compliance resources can be allocated efficiently, focusing on areas with the most significant potential impact.
RegTech solutions further streamline periodic reviews with smart workflows, eliminating manual reminders and disjointed tasks. They alert relevant personnel to their tasks within a single intelligent platform which adapts to each customer's unique circumstances.
Streamlined data collection and analyses are also made possible through RegTech solutions, as they can automatically gather, process, and analyse vast amounts of customer information from multiple sources. This not only saves time and effort but also improves data quality which in turn reduces the number of false positive alerts, ensuring that institutions have the most accurate and up-to-date information at their fingertips.
In conclusion, periodic reviews are of paramount importance in the financial services industry, as they play a vital role in identifying changes in customers' financial crime profiles, ensuring compliance with regulations, and maintaining client trust. However, institutions often face numerous challenges in conducting effective periodic reviews, including time constraints, data quality issues, inadequate resource allocation and the pitfalls of a tick-box mentality. Inadequate technology tools are the main reason firms unconsciously undertake periodic refreshes instead of the more comprehensive periodic reviews.
RegTech solutions offer a transformative approach to overcoming these challenges, streamlining data collection and analysis, enhancing accuracy and efficiency, and promoting a risk-based approach to periodic reviews. By embracing RegTech, financial institutions can not only reduce costs but also ensure they are better prepared to handle the evolving regulatory landscape and protect their businesses from ongoing financial crime risks.
As risk and compliance professionals, it is crucial to explore and adopt innovative RegTech solutions like those offered by Vaiie3 to stay ahead of the curve and effectively safeguard your institution against financial crime. By investing in cutting-edge technology, you can strengthen your institution's compliance processes and contribute to a safer, more transparent financial services industry for all.
To find out more about Vaiie or any of our digital solutions, please contact firstname.lastname@example.org.